NIXI CEO Mandates .bank.in Domain Migration for All Indian Banks Within Six Months

RBI and Electronics and Information Technology (MeitY) Move to Secure Banking Sector Amid Rising Digital Scams

In a decisive step to curb the growing menace of digital frauds targeting financial institutions, all Indian banks will be mandated to migrate to a new, more secure domain extension — .bank.in — within the next six months, according to Devesh Tyagi, CEO of the National Internet Exchange of India (NIXI). The initiative comes following consultations between the Reserve Bank of India (RBI) and the Ministry of Electronics and Information Technology (MeitY), after a sharp rise in cybercrimes impersonating banks. Tyagi made the announcement at The Powering Bharat Summit, hosted by Network18 in partnership with Moneycontrol, CNBC Awaaz, and News18 India.

Highlights:

• All Indian banks will shift to the .bank.in domain within six months.

• Move is in response to rising cyber frauds involving bank impersonation.

• RBI and MeitY jointly driving the domain migration strategy.

• Objective is to provide a uniform, verified digital identity for banks.

CERT-In Report Triggers Action as Fraudsters Exploit Banking Brands

According to Tyagi, a recent CERT-In study revealed that most online scams are executed under the guise of financial institutions, with fraudsters creating lookalike websites or domains that deceive users. The .bank.in domain aims to introduce a regulated and verified naming system, allowing customers to easily identify genuine banking websites and minimizing the risk of phishing attacks. The urgency of the move has been amplified by the increasing prevalence of fraud in Tier 2 and Tier 3 cities, where digital penetration has surged but awareness of cybersecurity remains low.

Highlights:

• CERT-In flagged financial sector impersonation as a major fraud vector.

• Banks under .bank.in will have pre-verified, government-backed domains.

• Targeting phishing and clone site attacks commonly used in online scams.

• Focused effort to safeguard users in smaller towns amid growing digital use.

NIXI Tightens Domain Security with New Accreditation and e-KYC Rules

To ensure domain-level integrity, NIXI has updated its Registrar Accreditation Agreement (RAA), aimed at enhancing cybersecurity and compliance among domain registrars operating under the .in domain ecosystem. Tyagi revealed that mandatory e-KYC has now been introduced for all domain applicants under .in, improving transparency and traceability. The step is intended to thwart anonymous domain registrations, which are often exploited by cybercriminals for fraud and spam campaigns.

Highlights:

• RAA updated to enhance compliance and registrar accountability.

• e-KYC mandatory for all .in domain registrations, increasing traceability.

• Effort to reduce anonymity and increase legitimacy in the Indian domain space.

Sector-Specific Domains Planned for MSMEs and Tourism with Built-In Security

Tyagi also disclosed that NIXI is collaborating with the Ministry of MSME and the Ministry of Tourism to develop sector-specific .in domains for greater security and branding. These domains will be managed by authorized agencies, with sector-specific policies and stringent cybersecurity protocols. The plan is part of NIXI’s broader vision to promote safe, localized digital ecosystems tailored to each sector’s needs, enhancing trust and visibility for Indian businesses online.

Highlights:

• MSME and tourism-specific .in domain initiatives under discussion.

• Will include custom security protocols and sectoral oversight.

• Objective is to promote sector-specific trust and traceability online.

• NIXI currently manages over 42 lakh .in domains, with focus on security-led growth.